1. Hello!

    First of all, welcome to MapleLegends! You are currently viewing the forums as a guest, so you can only view the first post of every topic. We highly recommend registering so you can be part of our community.

    By registering to our forums you can introduce yourself and make your first friends, talk in the shoutbox, contribute, and much more!

    This process only takes a few minutes and you can always decide to lurk even after!

    - MapleLegends Administration-
  2. Experiencing disconnecting after inserting your login info? Make sure you are on the latest MapleLegends version. The current latest version is found by clicking here.
    Dismiss Notice

What is a Distributed Denial of Service (DDoS) Attack?

Discussion in 'General Discussion' started by SapphireJ, Oct 9, 2017.

  1. SapphireJ
    Offline

    SapphireJ Dark Stone Golem

    132
    31
    151
    Aug 30, 2017
    Male
    6:35 PM
    HarmonyMagic
    Beginner
    1
    Agape
    So, I started playing MapleLegends (ML) around June 2017 to re-live some good ol Maple Story memories and sadly, sometimes we all encounter server down times sometimes, caused by Distributed Denial of Service (DDoS) attacks. Whenever the server goes down due to these attacks, it causes many ML players asking everywhere on the ML Forums and Discord Server with questions such as the definition of a DDoS Attack, is it stoppable and who is doing it?

    With the overwhelming response whenever the attacks start, I decided to write a thread here to answer all of you player's questions once and for all.

    [​IMG]

    [​IMG]
    A Denial of Service (DoS) attack, is a cyber attack which utilizes a computer, server, botnet and/or network to flood/overwhelm a targeted server or network with meaningless traffic (or otherwise, overloading it), causing it to either dip in performance (lagging) or turning it into a zombie (connection loss).

    A Distributed Denial of Service (DDoS) attack, works the same as a DoS attack, but instead utilises multiple computers, servers, botnets and/or networks to "distribute" the attack and is typically stronger.

    Today, DDoS Attacks are one of the most feared attacks in the internet, especially websites or internet services that do not have the capacity or capability to fought these attacks. DDoS Attacks today can damage a business, ruin a company or community's reputation or cause customer flare. On some occasions, you can even pay to start a DDoS Attack for as low as US$5 per hour. DDoS Attacks can last for hours, days or even weeks.

    Examples of DDoS Attacks.
    - When we all MapleLegends players while playing starts to get abnormal server or lag and server disconnects.
    - Unable to access your favorite website, even though your internet connection is perfectly fine.
    There are many DDoS Attacks circling in the internet. But, for here I will list out the most common ones that are most likely used to attack game servers like MapleLegends.

    - Network/Transport Flood (Layer 3/4)

    This attack involves flooding the network with malicious incoming traffic, to overwhelm the routers or network equipment of the target. For instance, MapleLegends may be running on a network with a speed of up to 1000 Mbps and 2 Million Packets Per Second, which is plentiful for lots of players during a normal day. This DDoS Attack can overwhelm it excessive bandwidth like 5000 Mbps and 10 Million Packets Per Second, thus saturating the network, causing all players to time out and lose connection to the MapleLegends Server.

    - Application (Layer 7)
    This attack involves overwhelming the server and/or the application(s) running the MapleLegends Server. The server can become a ghost due to overwhelming traffic that causes the CPU to reach full load, causing all players to freeze and crash.

    There are also many other attacks. But as long as the attack involves disrupting the server or network and "denying" the service, it is considered a DDoS Attack.

    Usually, when a DDoS attack happens and if your service provider has the detection tool, they will send you an Anomaly Report. Like what I've received here:
    [​IMG] [​IMG]
    Here are a few videos, describing what DDoS Attacks are, should you prefer to watch videos.

    A casual way to describe a DDoS Attack is this movie clip from the movie "The Fate Of The Furious 2017", in which the Antagonist and her team hacks automated driving cars to immobilize a moving motorcade.
    In this case, the hacked Zombie cars are the botnets or hijacked PCs, while MapleLegends is the Motorcade/Target.



    Techquickie: DDoS Attacks as Fast As Possible


    Radware: What are DDoS Attacks? DDoS Explained

    1. Who is attacking and what are their reasons?
    ANS: Anyone who decides to launch or call a DDoS attack can be doing it for any reasons such as but not limiting to: Sabotage, Trolling or Halting Illegal activities.

    2. Is there DDoS Protection services and Hardware?
    ANS: Yes, but it is expensive, because DDoS Protection is mainly offered/deployed for corporate, internet servers or websites that do business. It also should be noted that even with one of the best protections, DDoS Attacks are extremely hard to win over (having a protection will still never guarantee the server being 100% protected or free from attacks, even though its better than no protection).

    3. Are DDoS Attacks illegal and can the law enforcement help to track down the attacker?
    ANS: While DDoS Attacks may or may not be legal in countries, the sad truth is, even law enforcement can not do much to help as its impossible to track the Mastermind. This is because, a DDoS Attack involves innocent, hacked PCs that the attacker use to attack the target; the attacker does not have to use his/her own PC to attack the server since he/she can just hack multiple PCs and use them to attack.


    4. Why do service providers halt the server (a.k.a Blackhole or Nullroute)?
    ANS: Whenever a server gets a DDoS Attack, the attack will not only affect the targeted server, but other users or customers on the network too unless the DDoS Attack isn't large enough to overwhelm the network. As service providers have to up keep their Service Level for good reputation, they have no choice but to Nullroute your server or other customers will begin experiencing low performance, causing them to report/complain to the service provider, even risking to leave.

    5. Are DDoS attacks the same as hacking and will the targeted website or service have their security compromised?
    ANS: No. A DDoS attack works differently than a hacker trying to break in a target to extract information via whatever means such as Brute Forcing. The primary focus of a DDoS attack is to overload the target with traffic and even if the attacker wishes to launch a hack attack as well, he/she has to somehow find a way to even get a response in the already halted target.

    So yeah, this is pretty much the information I can give and hope it will be useful for everyone here. Before I played MapleLegends, I used to host game servers for a VALVe game Team Fortress 2 and yes, battling DDoS Attacks was a headache as I got booted off 2 service providers and nearly got booted off my home internet connection (imagine that your ISP has to cut off your internet!!). I did manage to get proper DDoS protection in the end, but at the expense of me having to pay more money.

    If anyone has any questions about DDoS Attacks, feel free to reply to this thread and I will try my best to answer them. I study about these attacks in my studies too and I will be happy to answer them :)

    One thing everyone should note is, MapleLegends is hosted more as a hobby and leisure. Therefore, it isn't a business like Neckson, hosting official Maple Story game servers. It is pretty difficult to manage private game servers like this as it requires Business Level Precision and Labor, also, the server staff too, have a life to live too. So, be courteous and appreciate the ML staff for putting work in the server and not taking it for granted.

    -AlicornMagic
     
    • Informative Informative x 17
    • Like Like x 4
    • Great Work Great Work x 3
  2. OP
    OP
    SapphireJ
    Offline

    SapphireJ Dark Stone Golem

    132
    31
    151
    Aug 30, 2017
    Male
    6:35 PM
    HarmonyMagic
    Beginner
    1
    Agape
    A Lil bump.

    Here is sort of an illustration example of what a DDoS is. A movie scene from The Fate Of The Furious. The target of a DDoS just gets bashed with so much traffic that it freezes due to the overwhelming traffic

    For this instance: Hacker uses hacked cars to take down a VIP Limo. the VIP Limo is MapleLegends and the hacked cars are the innocent computers hacked by the hackers, used to DDoS Attack.

    And if you get what I mean, stopping some traffic (car with mini gun on TOP tries to shoot some cars), there is too much traffic to stop and even some countermeasures can also get overwhelmed as well.

     
    • Creative Creative x 1
  3. Ryae
    Offline

    Ryae Wolfspider

    570
    1,098
    356
    Apr 17, 2015
    Female
    USA (West Coast)
    3:35 AM
    Ryae
    Night Lord
    138
    Nimbus
    Really well said!! I learned something today!
    As for the types of attacks, do you know more? For example, is it harder/more expensive/etc to perform an attack via the Network/Transport layers vs. the App layer? And from our point of view, how easy is it to tell what type of attack is happening (if even possible).
    Thanks again for making this dude ^^ ! Taking a data comm/networks class this semester, so always cool to connect it back to things that are relevant in my own life
     
    • Like Like x 1
  4. Lily
    Offline

    Lily Mixed Golem Retired Staff

    160
    238
    178
    Jul 23, 2015
    Female
    UK
    10:35 AM
    Lick
    F/P Arch Mage
    130
    Not OP, and I might be outdated on this as I haven't looked into it in years, but as far as I know Network Layer attacks aren't really as hard to detect or mitigate any more, basically being whoever has the bigger bandwidth capacity 'wins', but are way more common and tend to be long-duration attacks. Generally, if your DDoS mitigation service is a dedicated one, these can be reduced or negated WITHOUT affecting your userbase too much, but the larger the attack, the more difficult that is! (When DDoS mitigaton providers display their protection capacity, these are normally the attacks they're referring to.)

    App Layer attacks are harder to detect and mitigate, but also aren't nearly as common. Detecting them is a bit tricky as it's really easy to mix up standard user and attacking systems, and capacity isn't really important, so they tend to be cheaper, too. When these attacks occur they tend to be either small enough to barely be noticable, or a short-duration spike to quickly take a service out of action.
     
    • Like Like x 1
    • Informative Informative x 1
  5. Ryae
    Offline

    Ryae Wolfspider

    570
    1,098
    356
    Apr 17, 2015
    Female
    USA (West Coast)
    3:35 AM
    Ryae
    Night Lord
    138
    Nimbus
    Oh wow, interesting! Thanks for the quick and detailed reply! I learned even more today haha ^^
     
    • Like Like x 1
  6. mrdank
    Offline

    mrdank Blue Snail

    3
    2
    13
    Nov 5, 2017
    Male
    6:35 AM
    MrDank
    Assassin
    60
    upload_2017-12-25_18-47-28.png
     
    • Funny Funny x 2
  7. RADWIMPS
    Offline

    RADWIMPS Orange Mushroom

    33
    3
    38
    Apr 24, 2020
    3:35 AM
    Yooo, LOL TechQuickie that brings back memories
    OnionSilent
     
    • Like Like x 1
  8. RADWIMPS
    Offline

    RADWIMPS Orange Mushroom

    33
    3
    38
    Apr 24, 2020
    3:35 AM
  9. OP
    OP
    SapphireJ
    Offline

    SapphireJ Dark Stone Golem

    132
    31
    151
    Aug 30, 2017
    Male
    6:35 PM
    HarmonyMagic
    Beginner
    1
    Agape
    Bump for:

    Edited original post and updated in some items.
     
    • Friendly Friendly x 2
  10. Myungsoo
    Offline

    Myungsoo Slimy

    225
    137
    235
    Apr 10, 2020
    Male
    11:35 AM
    Robinn
    Crossbowman
    Now I'm just curious as to what type of DDOS protection Legends has, because as far as I know 20GB/s DDOS attacks should be relatively affordable seeing the size of this server. I doubt the DDOS is any greater than that?
     
  11. Eris
    Offline

    Eris Horny Mushroom

    42
    8
    56
    Nov 8, 2015
    Female
    11:35 AM
    AvatarKorra
    Beginner
    Can google get attacked too?
     
  12. OP
    OP
    SapphireJ
    Offline

    SapphireJ Dark Stone Golem

    132
    31
    151
    Aug 30, 2017
    Male
    6:35 PM
    HarmonyMagic
    Beginner
    1
    Agape
    I can't answer that since it can cause social engineering and information to sabotage ML (which is a violation of ToS).

    Yes, but Google has an extremely large network infrastructure and lots of Data Centers. So trying to take down Google with a DDoS is super impossible unless you make a record and stat breaking DDoS Attack.

    Even if you do like a 100Gbps DDoS attack to Google, that's kind of like a grain of salt. If you take down 1 data center, you still have like 10 or more to takedown. :p
     
  13. OP
    OP
    SapphireJ
    Offline

    SapphireJ Dark Stone Golem

    132
    31
    151
    Aug 30, 2017
    Male
    6:35 PM
    HarmonyMagic
    Beginner
    1
    Agape
    Some pics of how a DDoS Attack report looks like.

    My ISP sent me these when my game server was under a DDoS Attack in 2015.

    *added these to original post as well.
    [​IMG] [​IMG]
     

Share This Page